CKEditor 41.3.0 - 44.2.0 XSS Vulnerability

CKEditor 5 is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2023-30581 · Cksource +1 · Ckeditor +1

Name of the Vulnerable Software and Affected Versions: CKEditor versions 4.15.1 and earlier CKEditor versions prior to 4.24.0-lts Description: A Cross-Site scripting issue has been found in CKSource CKEditor. An attacker could send malicious javascript code through the "samples/old/ajax.html" fil...